Skip to main content

Yahoo was hacked in 2013, and more than 1 billion accounts were compromised

verizon yahoo acquisition 5 billion version 1469435806 offices headquarters hq sign logo
Image used with permission by copyright holder
Yahoo is already dealing with some customer distrust issues thanks to a hack that took place in September, and now new information about another hack has emerged and could really be the final nail in the long overdue Yahoo coffin.

The company has disclosed a hack that took place way back in August 2013, in which hackers obtained data from a stunning 1 billion accounts. Yahoo claims this information could include names, email address, phone numbers, dates of birth, encrypted passwords, and even the answers to some security questions, both encrypted and unencrypted.

It’s currently unknown exactly how this hack happened, as well as why it took so long for anyone to find out about it. Yahoo itself apparently didn’t learn about the hack until it began investigating the September hack — but that begs another question: How did it take so long for Yahoo to discover a hack of this scale?

The company is quick to point out that, according to its investigation, no passwords in clear text were obtained, nor any credit card data or bank information.

“Payment card data and bank account information are not stored in the system the company believes was affected,” Yahoo Chief Information Security Officer Bob Lord said in a statement.

Yahoo says that it will notify everyone it thinks was impacted by the hack, and that it believes all the unencrypted security questions and answers were made invalid. If you suspect that your account may have been compromised, Yahoo suggests that you review your account for suspicious activity and be wary of any phishing scams.

Unfortunately for Yahoo customers, this isn’t the only hack the company has suffered from. In September Yahoo, underwent a “state-sponsored” hack in which information was stolen from 500 million accounts.

Yahoo is currently in the midst of an acquisition be Verizon, which has agreed to pay a hefty $4.83 billion for the company. It’s unclear how and if the disclosure of this hack will affect that acquisition.

We’ve reached out to Yahoo for more information and will update this story if and when we hear back.

Editors' Recommendations

Christian de Looper
Christian’s interest in technology began as a child in Australia, when he stumbled upon a computer at a garage sale that he…
FCC says it will cost more than $1.8 billion to replace Huawei, ZTE equipment
huawei harmonyos interview peter gauden building full

The United States Federal Communications Commission (FCC) said that it will cost rural telecommunications providers at least $1.8 billion to replace the Huawei and ZTE equipment that are currently in use in their networks.

President Donald Trump has tagged Huawei and ZTE as threats to national security, extending the existing ban on U.S. companies using their equipment to May 2021. The FCC designated Huawei and ZTE as national security risks in June.

Read more
AppleCare fraud scheme used more than 1,000 fake iPhones from Hong Kong
iPhone 11 Pro feature image

A pair of Chinese citizens have been charged with fraud in Switzerland for a scheme that involved more than 1,000 fake iPhones from Hong Kong.

The pair, a mother and son, took the "deceptively real-looking" iPhones to Apple Stores, where they asked for replacements. The fake iPhones, which had simulated water damage, were also given IMEI numbers that matched genuine iPhones with legitimate AppleCare+ policies, 9to5Mac reported.

Read more
More than 1,000 Twitter employees reportedly have complete access to accounts
twitter and laptop hacked

The high-profile cryptocurrency scam that took place last week has underlined the broader vulnerabilities in Twitter’s infrastructure as new details about it continue to unfold. Now, a new Reuters report reveals what may have brought the social network’s security crumbling down in the first place: More than 1,000 people at the company had the ability to control everyone’s accounts.

Reuters says these employees, which also include hires from third-party contractors such as Cognizant, have access to internal tools that potentially allows them to switch sensitive user settings. More importantly, they have the option to hand this access to anyone else by sharing their credentials -- which is what reportedly led to the hack last week as per a few outlets.

Read more